|
282561
|
- |
|
wp_content_source_control_project
|
wp_content_source_control
|
Directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows re…
|
CWE-22
Path Traversal
|
CVE-2014-5368
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282562
|
- |
|
check_mk_project
|
check_mk
|
Multiple cross-site scripting (XSS) vulnerabilities in the multisite component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5338
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282563
|
- |
|
cacti
|
cacti
|
SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-5262
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282564
|
- |
|
cacti
|
cacti
|
The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool comman…
|
CWE-94
Code Injection
|
CVE-2014-5261
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282565
|
- |
|
tenda
|
a5s_firmware
a5s
|
The Shenzhen Tenda Technology Tenda A5s router with firmware 3.02.05_CN allows remote attackers to bypass authentication and gain administrator access by setting the admin:language cookie to zh-cn.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5246
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282566
|
- |
|
opensuse
xen
|
opensuse
xen
|
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by in…
|
CWE-399
Resource Management Errors
|
CVE-2014-5149
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282567
|
- |
|
opensuse
xen
|
opensuse
xen
|
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a de…
|
CWE-399
Resource Management Errors
|
CVE-2014-5146
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282568
|
- |
|
esri
|
arcgis_server
|
Open redirect vulnerability in ESRI ArcGIS for Server 10.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, related to log…
|
NVD-CWE-Other
|
CVE-2014-5122
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282569
|
- |
|
esri
|
arcgis_server
|
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2014-5121
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282570
|
- |
|
freereprintables
|
articlefr
|
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to…
|
CWE-89
SQL Injection
|
CVE-2014-5097
|
2024-11-21 11:11 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
